generate_key(): Check return code of BN_set_word()
authorFabian Keil <fk@fabiankeil.de>
Thu, 27 Aug 2020 13:22:08 +0000 (15:22 +0200)
committerFabian Keil <fk@fabiankeil.de>
Tue, 1 Sep 2020 10:22:42 +0000 (12:22 +0200)
Sponsored by: Robert Klemme

openssl.c

index 8691109..05cdf4b 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -1405,7 +1405,12 @@ static int generate_key(struct client_state *csp, char **key_buf)
       goto exit;
    }
 
-   BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT);
+   if (BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT) != 1)
+   {
+      log_ssl_errors(LOG_LEVEL_ERROR, "Setting RSA key exponent failed");
+      ret = -1;
+      goto exit;
+   }
 
    key_file_path = make_certs_path(csp->config->certificate_directory,
       (char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE);